Access to/from Router for Internal Servers/PCs

msamini · ‎01-14-2002

Hello,

I have configured a Cisco 2611 for AAA (Authentication, Accounting, Authorization)Instructions, but the router cannot access the internal radius server. Another problem: I have published Our DNS Server, but when I try to use the DNS Server from the Console of Our Router, the Router cannot find my DNS Server, and ISA Server logs this access as "Spoof attack"!

Here is a diagram of a part of Network:

. Internet

. |

. Router

. |

. ISA Server

. |

Accounting <---Hub----> Win2k DC (DHCP, DNS)

. Server |

.(Radius) |

. Mail Server (DNS 2)

Mohammad Samini

MickPhelps · ‎01-14-2002

A "spoof" attack is when packets try to enter your network and those packets of a source address *of* your network.

Your ISA server needs to have an exception for the IP address of your internal interface of your router.

Mick.

msamini · ‎01-18-2002

Dear Mick,

Hello,

Thank you very much for your reply. But how can I craeate an "exception" for the IP address of my Router? There is a RADIUS Server in the internal network, that the router must send information for authentication users and etc to this Server, but now the Router can not connect to this Server.

I define the internal DNS Server for the Router, but the Router cannot resolve any address, because the ISA Server denied access of the Router to the internal network.

If possible please, help me.

Regards

Mohammad Samini